Setting Up FBA and SQL Membership in SharePoint 2010 with PowerShell

A long time ago, I wrote a blog post that shows how to configure the SQL Server Provider for FBA in SharePoint 2010. I have been working on a project that requires me to configure FBA, and I got kind of tired of following my own blog post. Further, it was cumbersome and error-prone to edit the files on all of the servers. There are several examples in the community that perform similar functions, such as Steve Peschka’s excellent example, “SharePoint 2010 Forms Based Authentication Configuration Manager”, and the popular AutoSPInstaller. However, I needed something that works with my existing PowerShell configuration scripts.

What Does It Do?

The code is rather straightforward, and follows directions in my previous blog closely, automating the steps from that blog post. It updates the web.config for each server in a farm.

The “main” part of the script is at the bottom of the page. This is where we ask for all servers in the farm that are application servers (not SQL, Active Directory, or Exchange servers) and iterate through all of them. Note that the currently logged in account must have read-write permissions to all of the servers in the farm and have access to the C drive on each. Also notice that a backup file is created in the directory using the form “yyyy MM dd HH mm.web.config.bak” so that, should something go wrong, you can easily revert back to a previous version of the configuration file.

One of the benefits of Steve Peschka’s example is that it uses the WebConfigModification class so that any new servers added to the farm are automatically updated. To get a similar benefit without installing a feature to the server, simply run this script again… it’s smart enough to check if settings were already applied, and will update the SQL connection string in each file on all servers with the specified value.

If I’m Going to Use This, What Do I Need to Change?

The only part you should have to change in this script are the variables at the bottom:

Note that the script assumes the SQL connection string name “FBA”, membership provider name “FBAMembership”, and role provider name “FBARoles”. I didn’t bother with making variables for those, so be sure to change them if your environment requires different settings.

Show Me The Code!

The code is available as an attachment to this post as well. As usual, this code is provided as-is, no warranties, use at your own risk.

Summary

That’s it! The code is pretty straightforward and broken into individual functions. I smoke-tested this in my environment and it seems to work for either a new environment or an existing environment, but you’ll want to test this in your environment to make sure any assumptions I made are accurate.